Autonomous Database-related Prerequisite Tasks
Before you enable and use Database Management Diagnostics & Management for Autonomous Databases, you must complete the prerequisite tasks listed in the following table.
Task | Description | More Information |
---|---|---|
Grant a database user the privileges required to monitor and manage the Autonomous Database and save the database user password in a secret | You must grant the database user the privileges required
to monitor and manage the Autonomous Database using Diagnostics &
Management.
Note that on enabling Diagnostics &
Management, the Basic monitoring preferred credential can be set to
use the Use the Oracle Cloud Infrastructure Vault service to save the database user password in a secret with an encryption key. The Vault service is a managed service that enables you to centrally manage the encryption keys that protect your data and the secret credentials that you use to securely access resources. Note that if you change the database user password, then you must also update the secret with the new password by creating a new version of the secret and updating the contents. |
For information on how to set preferred or session
credentials, see Set and Use Credentials.
For information on the required database user privileges, see Database User Privileges Required for Diagnostics & Management. For information on the Vault service, its concepts, and how to create vaults, keys, and secrets, see Vault. |
Configure network access between Database Management and the Autonomous Database |
For Autonomous Database Serverless There are three types of network access options available for Autonomous Database Serverless and to confirm which of the options to use or to update network access, go to the Autonomous Database details page. Note that if mutual TLS (mTLS) authentication is required, you must download the wallet and save it in a Vault service secret. This secret is required when enabling Diagnostics & Management for the Autonomous Database. For more information, see the last row of this table.
For Autonomous Database on Dedicated Exadata Infrastructure You must create a Database Management private endpoint. When creating a Database Management private endpoint for Autonomous Databases on Dedicated Exadata Infrastructure, select the Use this private endpoint for RAC databases or Dedicated Autonomous Databases option. By default, TLS walletless connections are enabled when provisioning Autonomous Exadata VM Cluster (AVMC) and a wallet is not required, however, if network settings are configured for mTLS and mTLS connections are selected, then you must download the wallet and save it in a Vault service secret. This secret is required when enabling Diagnostics & Management for the Autonomous Database on Dedicated Exadata Infrastructure. For more information, see the last row of this table. |
For information on network access options for Autonomous
Database Serverless, see About Network Access Options
in Using Oracle Autonomous Database Serverless.
For information on how to access Autonomous Database Serverless, see Configure Network Access with Access Control Rules (ACLs) and Private Endpoints. For information on how to access Autonomous Database on Dedicated Exadata Infrastructure, see Connect to Autonomous Database. For information on TLS walletless connections for Autonomous Database on Dedicated Exadata Infrastructure, see Prepare for TLS Walletless Connections. For information on how to create a Database Management private endpoint, see Create a Database Management Private Endpoint for Autonomous Databases. For information on NSGs and Security Lists, see Access and Security. |
Save the wallet in a Vault service secret for mTLS connections | Download the wallet from the Autonomous
Database details page. For Autonomous Databases
Serverless, it's recommended that you download the Regional
wallet.
Once you download the wallet, you
must extract the |
For information on how to download the wallet, see:
For information on the Vault service, its concepts, and how to create vaults, keys, and secrets, see Vault. |